A Third of Known Computer Security Flaws Have No Solution

A Third of Known Computer Security Flaws Have No Solution

In the first half of 2019, analysts at computer security firm Risk Based Security (RBS) enumerated a total of 11,092 flaws in computer systems (known as vulnerabilities) that could be exploited by a hacker to take unauthorized actions in another person’s or organization’s system.

Huge Survey of Firmware Finds No Security Gains in 15 Years

Huge Survey of Firmware Finds No Security Gains in 15 Years

CITL researchers studied publicly available firmware images and evaluated them for the presence of standard security features such as the use of non-executable stacks, Address Space Layout Randomization (ASLR) and stack guards, which prevent buffer overflow attacks.

Kasper-Spy: Kaspersky Anti-Virus puts users at risk

Kasper-Spy: Kaspersky Anti-Virus puts users at risk

A strange discovery on my office computer led me to unearth an astonishing data leak caused by Kaspersky's antivirus software.The data leak allowed websites to unnoticeably read the individual ID of Kaspersky users.

Amazon says its facial recognition can now identify fear

Amazon says its facial recognition can now identify fear

Amazon said this week its facial recognition software can detect a person's fear.The tech giant revealed updates to the controversial tool on Monday that include improving the accuracy and functionality of its face analysis features such as identifying gender, emotions and age range.

Windows Defender ranked one of the best antivirus solutions

Windows Defender ranked one of the best antivirus solutions

In the German independent research institute’s May/June 2019 ‘best antivirus software for Windows Home Users’ report, Windows Defender is one of four products to receive perfect 6 out of 6 scores in the protection, performance, and usability categories.

Google Warning: Tens Of Millions Of Android Phones Come Preloaded With Dangerous Malware

Google Warning: Tens Of Millions Of Android Phones Come Preloaded With Dangerous Malware

Millions of shiny new Android smartphones are being purchased with dangerous malware factory-installed, according to Google's own security research team.Android is a thriving open-source community, which is great for innovation but not so great when threat actors seize the opportunity to hide malware in basic software loads that come on boxed devices.

Apple plans to restrict how messaging apps access background iOS data

Apple plans to restrict how messaging apps access background iOS data

Apple plans to restrict how apps implement internet voice call functionality, which currently could allow mobile software to collect data while running in the background, according to a new report from The Information.

Apple may soon hand special iPhones to security researchers

Apple may soon hand special iPhones to security researchers

As Patrick Wardle, principal security researcher at Jamf that found several issues in macOS, told Forbes: "If you're a large, well-resourced company such as Apple, who claims to place a premium on security, having a bug-bounty program is a no brainer."

Apple suspends Siri response grading in response to privacy concerns

Apple suspends Siri response grading in response to privacy concerns

Apple says it will review the process that it uses, called grading, to determine whether Siri is hearing queries correctly, or being invoked by mistake. The Guardian story from Alex Hern quoted extensively from a contractor at a firm hired by Apple to perform part of a Siri quality control process it calls grading.

New Warning Issued Over Google's Chrome Ad-Blocking Plans

New Warning Issued Over Google's Chrome Ad-Blocking Plans

The discovery was made by security researcher Sam Jadali, who told me at the time that Google’s Manifest V3 does not solve this specific problem: “It has some improvements however it explicitly states that server communication (potentially changing extension behavior) will still be allowed.

Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)

Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)

CVE-2019-9849 : This vulnerability, which you can fix by installing the latest available update, could allow the inclusion of remote arbitrary content within a document even when 'stealth mode' is enabled.

What can we learn from Palantir’s secret user manual for police users of its big data software?

What can we learn from Palantir’s secret user manual for police users of its big data software?

A Bloomberg article last year gave some details of how the Los Angeles Police Department uses Palantir’s Gotham product for Operation Laser, a program to identify and deter people likely to commit crimes: Information from rap sheets, parole reports, police interviews, and other sources is fed into the system to generate a list of people the department defines as chronic offenders, says Craig Uchida, whose consulting firm, Justice & Security Strategies Inc., designed the Laser system.

Never-Googlers: Web users take the ultimate step to guard their data

Never-Googlers: Web users take the ultimate step to guard their data

Google in May unveiled new features it said would help users protect more of their data, including storing more of it on personal devices rather than in cloud computing centers, and giving people more control over how and when tracking software, or cookies, is deployed.

Rethinking Technological Positivism with Cory Doctorow

Rethinking Technological Positivism with Cory Doctorow

Self-driving cars or armed autonomous military robots may make use of the same technologies. In a certain sense, we as software developers are helping to build and shape the future. What does the future look like and are we helping build the right one?

Is someone watching me? — Webcam Security

Is someone watching me? — Webcam Security

People worldwide are encountering cyberattacks like getting their computers infected by malware and letting others access their webcams or microphones. With a malicious code a hacker can easily control your computer and perform many different actions like access your webcam.

When Will We Get the Full Truth About How and Why the Government Is Using Face Recognition?

When Will We Get the Full Truth About How and Why the Government Is Using Face Recognition?

Despite some pushback from some lawmakers on the committee, John Wagner of the U.S. Customs and Border Protection (CBP), Austin Gould of the Transportation Security Administration (TSA), Joseph DiPietro of the Secret Service, and Charles Romine from the National Institute of Standards and Technology (NIST) argued that face recognition and biometric surveillance is safe, regulated, and essential for the purposes of keeping airports and U.S. borders secure.

How To Tell If Someone is Watching You: Is Your Webcam Hacked?

How To Tell If Someone is Watching You: Is Your Webcam Hacked?

Basic malware will run as a process on your computer without you noticing (until, that is, pictures from your webcam appear on the internet). One more tell-tale sign that your webcam has been hacked is if the security settings for it are a bit screwy.

Israeli spyware used in WhatsApp hack 'can secretly snoop on your Apple, Facebook and Google data'

Israeli spyware used in WhatsApp hack 'can secretly snoop on your Apple, Facebook and Google data'

Potential customers of the Israeli company NSO's hacking software have allegedly been told that the technology can now "surreptitiously scrape all of an individual's data from the servers of Apple, Google, Facebook, Amazon and Microsoft".

Browser Extensions Scraped Data From Millions of People

Browser Extensions Scraped Data From Millions of People

Ars Technica reporter Dan Goodin brings the news of a major new privacy failure recently unearthed by security researchers: widely used Chrome and Firefox browser extensions scraped and sold the data of more than 4.1 million people, until the researcher alerted Google and Mozilla.

Report: Israeli surveillance tool can silently collect all iCloud data for a targeted user

Report: Israeli surveillance tool can silently collect all iCloud data for a targeted user

Apple is facing a new security threat, thanks to developments in the spyware/surveillance tool sold by the Israeli firm NSO Group. Via the Financial Times, the Pegasus phone software now not only harvests data from the user’s onboard storage, but also all communications with the connected cloud.

Why the Ghost Keys `Solution’ to Encryption is No Solution

Why the Ghost Keys `Solution’ to Encryption is No Solution

Forcing providers to modify their software to implement a ghost key system would seriously damage the overall trust that people have in end-to-end encrypted communications.

Google removes stalkerware apps after researchers discover trackers on Play Store

Google removes stalkerware apps after researchers discover trackers on Play Store

"These apps are highly unethical and problematic for people's privacy and shouldn't be on the Google Play Store, as they promote criminal behavior, and can be abused by employers, stalkers or abusive partners to spy on their victims," Nikolaos Chrysaidos, Avast's head of mobile threat intelligence and security, said in a statement.

Public Statement on Neutrality of Free Software  -  F-Droid - Free and Open Source Android App Repository

Public Statement on Neutrality of Free Software - F-Droid - Free and Open Source Android App Repository

This also means F-Droid won’t allow oppression or harassment to happen at its communication channels, including its forum. We believe platforms like F-Droid’s repository or fediverse instances must be moderated in order to prevent oppression and harassment to flourish.

Oakland Officials Take Step Towards Banning City Use Of Facial Recognition Tech

Oakland Officials Take Step Towards Banning City Use Of Facial Recognition Tech

ALSO READ: San Francisco Supervisors Approve Facial Recognition Technology Ban The vote on Tuesday evening was for the first reading of the ordinance, city officials said.

Council Bans City Use Of Facial Recognition Tech

Council Bans City Use Of Facial Recognition Tech

But other agencies across the country have, including the San Mateo County Sheriff's Office, which scans its mugshot database with facial recognition software, according to a report by Oakland police.

Oakland City Council to Talk Facial Recognition Ban

Oakland City Council to Talk Facial Recognition Ban

The discussion surrounding the future of facial recognition is expected to continue Tuesday night in Oakland, about two months after San Francisco became the first U.S. city to outlaw the technology. San Francisco supervisors this week passed legislation that would ban the use of facial recognition technology by law enforcement agencies and other city departments.

Google really is spying on you: Firm reveals contract workers listen to private smart speaker recordings

Google really is spying on you: Firm reveals contract workers listen to private smart speaker recordings

The technology company pays "language experts" around the world to listen to and transcribe audio recordings made by users. Temporary workers, supplied by contractors, are sent audio recordings to transcribe so that Google can improve its services for people who speak in different accents and languages.

Stalkerware Warning: Your Partner or Ex May Be Tracking Your Smartphone

Stalkerware Warning: Your Partner or Ex May Be Tracking Your Smartphone

Anti-virus software researchers report that thousands of people, mostly women, have “stalkerware” apps hidden on their phones — surreptitiously installed by their partners — that give the stalker access to the victim’s email, location, SMS, social media messages and even live feeds from their device cameras or microphones.

Twitter Pushed Adverts for Spyware to Monitor Girlfriends

Twitter Pushed Adverts for Spyware to Monitor Girlfriends

The advert heavily suggested the monitoring could be done without the subject's consent; it is illegal to use spyware in this way in the U.S. The news shows how companies selling consumer spyware —sometimes known as stalker- or spouseware due to who it is used by and against—leverage platforms to try and get more customers.

These are the sneaky new ways that Android apps are tracking you

These are the sneaky new ways that Android apps are tracking you

Egelman added that the workings of these apps often made the deception obvious to researchers: “There are many apps that we observed which try to access the data the right way through the Android API, and then, failing that, try and pull it off the file system.”.

More